VMware NSX Lab Part 5 Microsoft Directory Services & DNS - rharmonson/richtech GitHub Wiki
January 13, 2016
Repost
Reverted! I deleted the series in December 2015 but at the request of tmitchell5280, I have reposted. YMMV!
(DRAFT) VMware NSX Lab Part 5: Microsoft Directory Services & DNS
DNS is a requirement for a number of different components. Also, Directory Services provide security groups for ease of management of many of VMware's components, thus the use of Windows Server.
Before moving forward, you need to select either Server 2008 R2 or Server 2012 R2. For our purposes, both will work but you will find more documentation exists for Server 2008 R2. Also, Server 2012 R2 in the context of this lab provides no additional enhancements (to my knowledge). I will be using Server 2008 R2.
NOTE
The installations in this lab may not represent production installations. For example, installing and configuring Microsoft AD Directory Services or Certificate Services in a production environment requires significantly more planning and configuration.
Virtual Machine Creation
After downloading the Server 2008 R2 installation ISO, create a new virtual machine specifying the following:
- Windows 64 bit
- 1 CPU
- 2 GB RAM
- Host-only MANAGEMENT.
- 40 GB, LSI Logic SAS, SCSI Disk
Note that creating a 'New Virtual Machine' in VMware Workstation 11 using 'Typical' will use the specifications above, with the exception that you need to specify the virtual network.
In addition, customize hardware and remove the following:
- USB Controller
- Sound Card
- Printer
If you did not mount the Server 2008 R2 installation media during the creation of the virtual machine, do so before moving to the next step.
Next, power-on to firmware or BIOS and disable all unneeded devices. With VMware Workstation I disable Legacy Floppy A, then under 'Advanced' and 'I/O Device Configuration' disable all items:
- Serial ports
- Parallel port
- Floppy controller
Exit, saving changes. After the power cycle, the Windows Server 2008 R2 installation should begin. Complete the installation and reboot. Note that to install Windows updates, a DNS host must be set, e.g. Google's DNS 8.8.8.8. Install updates, then make any customizations, including the host name (I will be using 'ds'), and reboot as necessary. Lastly, you will need a static IP address, so configure 172.19.201.10, 255.255.255.0, a gateway of 172.19.201.254, and change DNS from 8.8.8.8 to 127.0.0.1. I advise a shutdown, then a snapshot ('snap'), before proceeding.
Installing Directory Services & DNS
To install Directory Services and DNS, enable the AD DS role which will also install DNS. Prior to the installation you will need to specify a domain. I am using host name 'ds' with the domain 'vcpnvlab.net.'
Detailed instructions for Server 2008/R2 and 2012/R2 can be found below.
Tasks after Role Installation
- Create reverse lookup zones for 172.19.201.0, 172.19.202.0, and 172.19.203.0. Probably not required but I did not test without it.
- Remember to create static records for all non-domain members. Generally, this means all Linux components, including VMware components.
- Disable DNS root hints and configure something a bit more practical for lookups: either the VyOS router (I did not provide those instructions; it's on my to-do list) or Google's DNS hosts 8.8.8.8 and 8.8.4.4. Not required.
- Create an account and add it to Domain Admins to have a back door account if you forget the password or break 'administrator.'
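
The tasks above scripted with `dnscmd.exe` and `net.exe`, as an added example that is not part of the original wiki page. The host names and addresses in `$StaticHosts` and the account name `labadmin` are constructed placeholders, and mapping "disable root hints" to the forwarder `/Slave` option is an assumption.

```powershell
# Added example; run in an elevated PowerShell session on the lab DC ('ds').
# dnscmd.exe is installed with the DNS Server role.
$Zone       = 'vcpnvlab.net'
$Networks   = '172.19.201.0', '172.19.202.0', '172.19.203.0'  # /24 networks
$Forwarders = '8.8.8.8', '8.8.4.4'
# Constructed placeholders: list your own non-domain hosts here.
$StaticHosts = @{ 'host1' = '172.19.201.21'; 'host2' = '172.19.201.22' }
$AdminName   = 'labadmin'   # hypothetical fallback account name

function Invoke-Native([string]$Exe, [string[]]$Arguments) {
    # Run a console tool and stop the script on a non-zero exit code.
    & $Exe $Arguments
    if ($LASTEXITCODE -ne 0) { throw "$Exe $Arguments failed ($LASTEXITCODE)" }
}

function Get-ReverseZone([string]$Network) {
    # 172.19.201.0 -> 201.19.172.in-addr.arpa (first three octets, reversed)
    $o = $Network.Split('.')
    '{0}.{1}.{2}.in-addr.arpa' -f $o[2], $o[1], $o[0]
}

# 1. AD-integrated reverse lookup zones, skipping any that already exist.
foreach ($net in $Networks) {
    $rev = Get-ReverseZone $net
    & dnscmd.exe /ZoneInfo $rev | Out-Null
    if ($LASTEXITCODE -eq 0) { Write-Host "$rev exists"; continue }
    Invoke-Native dnscmd.exe @('/ZoneAdd', $rev, '/DsPrimary')
}

# 2. Static A records; /CreatePTR adds the PTR in the reverse zone from step 1.
foreach ($name in $StaticHosts.Keys) {
    Invoke-Native dnscmd.exe @('/RecordAdd', $Zone, $name, '/CreatePTR', 'A', $StaticHosts[$name])
}

# 3. Forward unresolved queries; /Slave stops fallback to root hints
#    (assumed here to be what "disable root hints" means on the page).
Invoke-Native dnscmd.exe (@('/ResetForwarders') + $Forwarders + '/Slave')

# 4. Fallback admin account; '*' makes net.exe prompt for the password
#    so it is not stored in the script.
Invoke-Native net.exe @('user', $AdminName, '*', '/add', '/domain')
Invoke-Native net.exe @('group', 'Domain Admins', $AdminName, '/add', '/domain')

# Verify: list the zones and print the server settings, forwarders included.
& dnscmd.exe /EnumZones
& dnscmd.exe /Info
```

Step 2 depends on step 1: without the matching reverse zone, `/CreatePTR` has nowhere to write the PTR record.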